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APPELLANT'S BRIEF PURSUANT TO 37 C.F.R. § 41.37 

This brief is being filed in support of Appellant's appeal from the rejections of claims 
1-78 dated May 31, 2006. A Notice of Appeal was filed on November 30, 2006. 

1. REAL PARTY IN INTEREST 

Gutenberg Printing LLC is the real party of interest by virtue of an assignment 
recorded October 4, 2004 at Reel 015123, Frame 0050. 

2. RELATED APPEALS AND INTERFERENCES 

None 

3. STATUS OF CLAIMS 

Claims 1-78 Rejected and on Appeal 

4. STATUS OF AMENDMENTS 

None have been accepted. 

5. SUMMARY OF CLAIMED SUBJECT MATTER 

The invention relates to a method of operating the central server 1 8 of a computer 
network shown in Figure 1. A user uses one of the client terminals 12, 14 or 16 to access the 
central server 18 over the network 10 which may, for example, be the internet. The invention 
is shown in the flow chart of Figure 4 which depicts the steps performed by the central server 
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The user initiates the session as indicated at 401 in the flow sheet. The term "session" 
refers to an interaction between a user and a server which begins with a login request by the 
user and concludes with either a logout request by the user or a session time-out generated by 
the server after a predetermined time. Specification page 8, lines 6-9. 
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The central server transmits a sign-in form to the user as indicated by the Step 402. 
The user transmits his user name and password back to the central processor as indicated at 
step 403. The central server performs user name and password lookup, step 404. 

If the user is authenticated, as indicated at 405, the central computer generates a 
random number as indicated by step 407. 

In accordance with the present invention this is a random number which identifies 
both the session and the user. It uniquely identifies the user and the session after which the 
process continues as further shown in steps 409-412 and as described in the specification at 
the last paragraph on page 13. 

6. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

Whether the rejection of claims 1, 3-10, 12-20, 22-29, 31-38, 40-49, 51-59, 61-69 and 
71-78 as being unpatentable over Wood (US Patent No. 6,668,322 Bl) in view of Zhao (US 
Patent 6,035,404) is proper. 

Whether the rejection of claims 2, 11,21, 30, 39, 50, 60 and 70 as being unpatentable 
over Wood in view of Zhao and Gupta (US Patent No. 6,226,752) is proper. 

7. ARGUMENT 

a. No Prima Facie Obviousness 

Applicant respectfully seeks review and reversal of the foregoing rejections on the 
grounds that there is a clear deficiency in the Examiner's prima facie case in support of the 
rejections. The following remarks focus on applicant's claim 1 and the rejection based on the 
combined disclosures of Wood and Zhao. 

Claim 1 reads as follows: 

A method for performing user and session management over a 
computer network, comprising: 

receiving a first request from a user for an application instance, the 
request including a single identifier used to identify both a session and 
a user for all user requests without further user and session 
application variables; and 

transmitting an application instance response to the user based on 
stored user and session system information. 
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The examiner stated that Wood is "silent on a single identifier used to identify both a 
session and a user," but contends that Zhao cures this deficiency of Wood. Applicant argues 
that the combination of Zhao and Wood is improper because Wood teaches away from from 
the use of a single identifier as recited by claim 1 . 

The examiner responded to applicant's arguments by stating that Wood teaches the 
claimed method, including the request including a single identifier for all user requests 
without further user and session application variables. Wood does not teach the use of a 
single identifier. Rather, Examiner is relying upon his own perceived knowledge of the prior 
art to supply this teaching. See para. 2 on p. 2 of the Final Rejection dated May 31, 2006: 

Wood teaches the method, comprising receiving a first request from a user for an 
application instance (user request for information resources/applications, see columns 4, lines 
60-67 and column 5, lines 1-9), the request including a single identifier for all user requests 
without further user and session application variables (i.e., a user providing a unique session 
identifier, that is used for access requests to multiple applications) [column 8, lines 13-15, 45- 
49, and column 10, lines 30-39, 49-53] . Furthermore, it is old and well known in the art to 
identify both a session and a user by a single identifier, which has the advantage of allowing 
flexible control of user logins and session information thereby enhancing security of the 
system. For example, Zhao teaches a user access system including a single identifier used to 
identify both a session and a user for all user requests (i.e., see for example, Session ID 
associated with IUID & Start Time and Time out) [column 5, lines 39-67 and figure 6] 

b. Applicant's Invention Has Unexpected Advantages 

Examiner concedes that Wood is "silent" with respect to single indentifier. In the 
same paragraph, the examiner contends that "it is old and well known in the art to identify 
both a session and a user by a single identifier." Applicant respectfully challenges the source 
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of this teaching. Examiner's purported reason for this is that it "has the advantage of 
allowing flexible control of user logins and session information thereby enhancing security of 
the system." This advantage is unexpected. If Wood had recognized this advantage surely he 
would have used a single identifier. He did not recognize the advantages of using a single 
identifier and others in this field did not recognize that the system of Wood could be 
improved by using a single identifier. The unexpected advantages and the failure of others 
are objective evidence of invention. Graham v. John Deere Co. of Kansas City, et al., 148 
U.S.P.O. 459. 383 U.S. 1 (1966) . 

c. Zhao Does Not Suggest that Wood be Modified to Enhance 
Security 

Then, the examiner cites Zhao as teaching "a user access system including a single 
identifier used to identify both a session and a user for all user requests." 

Thus far, the rationale supporting the combination of Wood and Zhao is unclear. The 
examiner has not, we respectfully submit, stated a good reason why a person of ordinary skill 
in the art would have been motivated, or found it obvious, to modify Wood to include a 
"single identifier" as recited in claim 1. 

In the Final Rejection, the examiner rejects claims 1, 7 and 9, and this time the 
examiner again states that Wood "is silent on a single identifier used to identify both a 
session and a user." Here again, the examiner proposes to combine Wood and Zhao, the 
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rationale being that the combination would thereby enhance the security of the system. 1 
Enhancing the security is an advantage recognized only by applicant. It is improper to use 
applicant's teaching to make a case of obviousness 

d. Wood Teaches Away from Combining References 

But why would the system described by Wood need security enhancements of this 
kind? Why would the person of ordinary skill be motivated to make this combination? We 
respectfully submit that this person would have been motivated against making such 
modification to Wood. The Final Rejection correlates the "session cookie" of Wood to the 
"single identifier" of claim 1. However, in col. 8, lines 9-25, Wood describes using two 
separate identifiers within a session to identify the session and the user. These are the 
"session id" and "principal id" of Wood. Also, Wood describes that there are additional user 
session and application variables, namely, "a trust level, group ids, a creation time, and 
expiration time." In Wood, the trust level is associated with the unique principal id and 
"serves as a basis for evaluating whether a principal associated with the session credentials 
has been authenticated to a sufficient level. . ." (emphasis added) Col. 8, lines 26-30. If the 
same id were used for the session and user, then this evaluation of user authentication using 
the trust level would not be possible because the user would not be able to be differentiated 
from the session. This is contrary to and teaches away from the recitation in claim 1 that "the 
request including a single identifier used to identify both a session and a user for all user 

1 See pp. 3 4 of the Final Rejection, in para. 6: 

Wood is silent on a single identifier used to identify both a session and a user. However, 
it is old and well known in the art to identify both a session and a user by a single 
identifier, which has the advantage of allowing flexible control of user logins and session 
information thereby enhancing security of the system. For example, Zhao teaches a user 
access system including a single identifier used to identify both a session and a user for 
all user requests (i.e., see for example, Session ID associated with IUID & Start Time and 
Time out) [column 5, lines 39-67 and figure 6]. Both Wood and Zhao teach a method for 
performing user and session management. It would have been obvious to one having 
ordinary skill in the art at the time of applicant's invention to employ the teachings of 
Zhao within the system of Wood thereby enhancing the security of the system. 
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requests without further user and session application variables". For this reason, applicant 
respectfully asserts that the examiner has not presented a proper prima facie case of 
obviousness, and that in fact there is no teaching, suggestion, or motivation to combine Wood 
and Zhao as the examiner has proposed. 

Furthermore, modifying Wood to include the "single identifier ..." as recited by claim 
1 would render Wood unsatisfactory for its intended purpose (which is to identify 
session/user and authenticate trust level). This shows that there is no suggestion to combine 
Wood and Zhao (see MPEP 2143.01V). 

CONCLUSION 

Applicant believes that the arguments above are responsive to each point raised by the 
Examiner in the Office Action. Applicant submits that claims 1-78 of the application define 
nonobvious subject matter. The rejection should be reversed. 

March 6, 2007 /Richard E. Kurtz/ 



Woodcock Washburn LLP 
Cira Centre 

2929 Arch Street, 12th Floor 
Philadelphia, PA 19104-2891 
Telephone: (215) 568-3100 
Facsimile: (215) 568-3439 



Richard E. Kurtz 
Registration No. 19,263 
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8. CLAIMS APPENDIX 

1 . (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving a first request from a user for an application instance, the request including 
a single identifier used to identify both a session and a user for all user requests without 
further user and session application variables; and 

transmitting an application instance response to the user based on stored user and 
session system information. 

2. (Original) The method of claim 1, wherein the single identifier includes a random 
number associated with the user. 

3. (Original) The method of claim 1, further comprising: 
authenticating an identification of the user; and 
assigning the single identifier to the user. 

4. (Original) The method of claim 3, wherein said authenticating comprises: 
transmitting a request for a user name and a password to the user; 
receiving the user name and password from the user; and 

comparing the user name and password to stored parameters. 

5. (Original) The method of claim 1, further comprising: 

receiving a second request from the user for a second application instance, the second 
request including the identifier; and 

processing the request with the application instance. 

6. (Original) The method of claim 1, further comprising: 

receiving a second request from a second user, the second request including a second 
identifier corresponding to the second user; and 

generating a second application instance responsive to the second identifier. 

7. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 
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means for receiving a first request from a user for an application instance, the request 
including a single identifier used to identify both a session and a user for all user requests 
without further user and session application variables; and 

means for transmitting an application instance response to the user based on stored 
user and session system information. 

8. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

a processor; and 

a memory in communication with the processor, the memory for storing a plurality of 
processing instructions for enabling the processor to: 

receive a first request from a user for an application instance, the request 
including a single identifier used to identify both a session and a user for all user requests 
without further user and session application variables; and 

transmit an application instance response to the user based on stored user and 
session system information. 

9. (Previously Presented) A computer-readable medium encoded with processing 
instructions for implementing a method for performing user and session management over a 
computer network, the method comprising: 

receiving a first request from a user for an application instance, the request including 
a single identifier used to identify both a session and a user for all user requests without 
further user and session application variables; and 

transmitting an application instance response to the user based on stored user and 
session system information. 

10. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving a request for an application instance from a user; 

assigning a single identifier used to identify both a session and a user to the user for 
handling all user requests; and 

transmitting an application instance response to the user, wherein the single 
identifier is static for all requests from the user for a session. 
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1 1 . (Original) The method of claim 10, wherein the single identifier is a random number. 



12. (Original) The method of claim 10, wherein the single identifier does not include user 
or session application variables for use by the application instance. 

13. (Original) The method of claim 10, wherein said assigning further comprises: 
authenticating an identification of the user. 

14. (Original) The method of claim 13, wherein said authenticating comprises: 
transmitting a request for a user name and a password to the user; 
receiving the user name and password from the user; and 

comparing the user name and password to stored parameters. 

15. (Original) The method of claim 10, further comprising: 

receiving a second request from the user for a second application instance, the second 
request including the identifier; and 

processing the request with the second application instance, while maintaining the 
first application instance. 

16. (Original) The method of claim 1, further comprising: 

receiving a second request from a second user, the second request including a second 
identifier corresponding to the second user; and 

generating a second application instance responsive to the second identifier. 

17. (Original) An apparatus for performing user and session management over a computer 
network, comprising: 

means for receiving a request for an application instance from a user; 
means for assigning a single identifier to the user for handling all user requests; and 
means for transmitting an application instance response to the user, wherein the single 
identifier is static for all requests from the user for a session. 

18. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

a processor; and 
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a memory in communication with the processor, the memory for storing a plurality of 
processing instructions for enabling the processor to: 

receive a request for an application instance from a user; assign a single identifier to 
the user used to identify both a session and a user for handling all user requests; and transmit 
an application instance response to the user, wherein the single identifier is static for all 
requests from the user for a session. 

19. (Previously Presented) A computer-readable medium encoded with processing 
instructions for implementing a method for performing user and session management over a 
computer network, the method comprising: 

receiving a request for an application instance from a user; 

assigning a single identifier to the user used to identify both a session and a user for 
handling all user requests; and 

transmitting an application instance response to the user, wherein the single identifier 
is static for all requests from the user for a session. 

20. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving a first request from a user for a first application instance, the first request 
including an identifier used to identify both a session and a user; 

transmitting a first application instance response to the user; 

receiving a second request from the user for a second application instance, the second 
request including the identifier; and 

processing the request with the second application instance. 

21 . (Original) The method of claim 20, wherein the identifier is a random number. 

22. (Original) The method of claim 10, wherein the identifier does not include user or 
session variables for use by the application instance. 

23. (Original) The method of claim 20, further comprising: 
authenticating an identification of the user; and 
assigning the identifier to the user 

24. (Original) The method of claim 13, wherein said authenticating comprises: 
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transmitting a request for a user name and a password to the user; 
receiving the user name and password from the user; and 
comparing the user name and password to stored parameters. 

25. (Original) The method of claim 20, further comprising: 

receiving a third request from a second user, the third request including a second 
identifier corresponding to the second user; and 

generating a second application instance responsive to the second identifier. 

26. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

means for receiving a first request from a user for a first application instance, the 
first request including an identifier used to identify both a session and a user; 
means for transmitting a first application instance response to the user; 
means for receiving a second request from the user for a second application instance, 
the second request including the identifier; and 

means for processing the request with the second application instance. 

27. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

a processor; and 

a memory in communication with the processor, the memory for storing a plurality of 
processing instructions for enabling the processor to: 

receive a first request from a user for a first application instance, the first 
request including an identifier used to identify both a session and a user; 

transmit a first application instance response to the user; receive a second 
request from the user for a second application instance, the second request including the 
identifier; and 

process the request with the second application instance. 

28. (Previously Presented) A computer-readable medium encoded with processing 
instructions for implementing a method for performing user and session management over a 
computer network, the method comprising: 
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receiving a first request from a user for a first application instance, the first request 
including an identifier used to identify both a session and a user; 

transmitting a first application instance response to the user; 

receiving a second request from the user for a second application instance, the second 
request including the identifier; and 

processing the request with the second application instance. 

29. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving, from a user, a first request in a first session, the first request including an 
identifier used to identify both a session and a user; 

transmitting a first application instance response to the user in response to the first 
request; 

receiving, from the user, a second request in a second session, the second user request 
including the identifier; and 

processing the second request through the first application instance. 

30. (Original) The method of claim 29, wherein the first identifier includes a random 
number associated with the user. 

3 1 . (Original) The method of claim 29, further comprising: 
authenticating an identification of the user; and 
assigning the identifier to the user. 

32. (Original) The method of claim 31, wherein said authenticating comprises: 
transmitting a request for a user name and a password to the user; 
receiving the user name and password from the user; and 

comparing the user name and password to stored parameters. 

33. (Original) The method of claim 29, further comprising: 

receiving a third request from the user in the first user session, the third request 
including the identifier; and 

processing the request with the application instance. 



34. 



(Original) The method of claim 29, further comprising: 
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receiving a third request from a second user, the third request including a second 
identifier corresponding to the second user; and 

generating a second application instance responsive to the second identifier. 

35. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

a processor; and 

a memory in communication with the processor, the memory for storing a plurality of 
processing instructions for enabling the processor to: 

receive, from a user, a first request in a first session, the first request including 
an identifier used to identify both a session and a user; 

transmit a first application instance response to the user in response to the first 

request; 

receive, from the user, a second request in a second session, the second user 
request including the identifier; and 

process the second request through the first application instance. 

36. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

means for receiving, from a user, a first request in a first session, the first request 
including an identifier used to identify both a session and a user; 

means for transmitting a first application instance response to the user in response to 
the first request; 

means for receiving, from the user, a second request in a second session, the second 
user request including the identifier; and 

means for processing the second request through the first application instance. 

37. (Previously Presented) A computer-readable medium encoded with processing 
instructions for implementing a method for performing user and session management over a 
computer network, the method comprising: 

receiving, from a user, a first request in a first session, the first request including 
an identifier used to identify both a session and a user; 

transmitting a first application instance response to the user in response to the first 
request; 
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receiving, from the user, a second request in a second session, the second user request 
including the identifier; and 

processing the second request through the first application instance. 

38. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving a first request from a first user session for a user, the first request including 
an identifier; 

receiving a second request from a second user session for the user, the second request 
including the identifier used to identify both a session and a user without further user or 
session application variables; and 

transmitting a response to the first and second requests, based on the identifier and a 
system session variable stored for each of the first and second user sessions. 

39. (Original) The method of claim 38, wherein the single identifier includes a random 
number associated with the user. 

40. (Original) The method of claim 38, further comprising: 
authenticating an identification of the user; and 
assigning the identifier to the user. 

41 . (Original) The method of claim 40, wherein said authenticating comprises: 
transmitting a request for a user name and a password to the user; 
receiving the user name and password from the user; and 

comparing the user name and password to stored parameters. 

42. (Original) The method of claim 38, further comprising: 

receiving a third request from one of the first and the second user sessions, the third 
request including the identifier; and 

processing the request with the application instance. 

43. (Original) The method of claim 38, further comprising: 

receiving a third request from a second user, the third request including a second 
identifier corresponding to the second user; and 

generating a second application instance responsive to the second identifier. 
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44. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

means for receiving a first request from a first user session for a user, the first request 
including an identifier; 

means for receiving a second request from a second user session for the user, the 
second request including the identifier used to identify both a session and a user without 
further user or session application variables; and 

means for transmitting a response to the first and second requests, based on the 
identifier and a system session variable stored for each of the first and second user sessions. 

45. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

a processor; and 

a memory in communication with the processor, the memory for storing a plurality of 
processing instructions for enabling the processor to: 

receive a first request from a first user session for a user, the first request 
including an identifier; 

receive a second request from a second user session for the user, the second 
request including the identifier used to identify both a session and a user without further user 
or session application 

variables; and 

transmit a response to the first and second requests, based on the identifier and 
a system session variable stored for each of the first and second user sessions. 

46. (Previously Presented) A computer-readable medium encoded with processing 
instructions for implementing a method for performing user and session management over a 
computer network, comprising: 

receiving a first request from a first user session for a user, the first request including 
an identifier; 

receiving a second request from a second user session for the user, the second request 
including the identifier used to identify both a session and a user without further user or 
session application variables; and 



DOCKET NO.: IVGP-0005 - 17 - PATENT 

transmitting a response to the first and second requests, based on the identifier and a 
system session variable stored for each of the first and second user sessions. 

47. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving a first request from a first user session for a user, the first request including 
an identifier; and 

transmitting a first response to the first request, based on the identifier and a first 
system session variable stored in a user database. 

receiving a second request from a second user session for the user, the second request 
including the identifier used to identify both a session and a user without further user or 
session application variables; and 

transmitting a second response to the second request, based on the identifier and a 
second system session variable stored in the user database. 

48. (Original) The method of claim 47, wherein the first response and the second response 
are generated from a single application instance. 

49. (Original) The method of claim 48, wherein the identifier does not include further 
user and session variables for use by the application instance. 

50. (Original) The method of claim 47, wherein the identifier includes a random number 
associated with the user. 

5 1 . (Original) The method of claim 47, further comprising: 
authenticating an identification of the user; and 
assigning the single identifier to the user. 

52. (Original) The method of claim 51, wherein said authenticating comprises: 
transmitting a request for a user name and a password to the user; 
receiving the user name and password from the user; and 

comparing the user name and password to stored parameters. 



53. (Original) The method of claim 48, further comprising: 
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receiving a third request from the user in the first user session, the third request 
including the identifier; and 

processing the request with the application instance. 

54. (Original) The method of claim 47, further comprising: 

receiving a third request from a second user, the third request including a second 
identifier corresponding to the second user; and 

generating a second application instance responsive to the second identifier. 

55. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

means for receiving a first request from a first user session for a user, the first request 
including an identifier; and 

means for transmitting a first response to the first request, based on the identifier 

and a first system session variable stored in a user database. 

means for receiving a second request from a second user session for the user, the 
second request including the identifier used to identify both a session and a user without 
further user or session application variables; and 

means for transmitting a second response to the second request, based on the identifier 
and a second system session variable stored in the user database. 

56. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

a processor; and 

a memory in communication with the processor, the memory for storing a plurality of 
processing instructions for enabling the processor to: 

receive a first request from a first user session for a user, the first request 
including an identifier; and 

transmit a first response to the first request, based on the identifier and a first 
system session variable stored in a user database. 

receive a second request from a second user session for the user, the second 
request including the identifier used to identify both a session and a user without further user 
or session application variables; and 
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transmit a second response to the second request, based on the identifier and a 
second system session variable stored in the user database. 

57. (Previously Presented) A computer-readable medium encoded with processing 
instructions for implementing a method for performing user and session management over a 
computer network, the method comprising: 

receiving a first request from a first user session for a user, the first request including 
an identifier; and 

transmitting a first response to the first request, based on the identifier and a first 
system session variable stored in a user database. 

receiving a second request from a second user session for the user, the second request 
including the identifier used to identify both a session and a user without further user or 
session variables; and 

transmitting a second response to the second request, based on the identifier and a 
second system session variable stored in the user database. 

58. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving a first request from a first user, the first request including a first identifier 
used to identify both a session and a user corresponding to the first user; 

receiving a second request from a second user, the second request including a second 
identifier used to identify both a session and a user corresponding to the second user; and 

generating a first application instance responsive to the first identifier and a second 
application instance responsive to the second identifier. 

59. (Original) The method of claim 58, wherein the first identifier and the second 
identifier do not include user and session application variables for use by the first and the 
second application instances. 

60. (Original) The method of claim 58, wherein the first identifier includes a random 
number associated with the first user and the second identifier includes a second random 
number associated with the second user. 



61. 



(Original) The method of claim 58, further comprising: 
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authenticating an identification of the first and second users; and 

assigning the first identifier to the first user and the second identifier to the second 

user. 

62. (Original) The method of claim 61, wherein said authenticating comprises: 
transmitting a request for a user name and a password to the user; 
receiving the user name and password from the user; and 

comparing the user name and password to stored parameters. 

63. (Original) The method of claim 58, further comprising: 

receiving a third request from the first user, the third request including the first 
identifier; and 

processing the request with the first application instance. 

64. (Original) The method of claim 58, further comprising: 

receiving a third request from the second user, the third request including the second 
identifier; and 

processing the request with the second application instance. 

65. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

means for receiving a first request from a first user, the first request including a first 
identifier used to identify both a session and a user corresponding to the first user; 

means for receiving a second request from a second user, the second request including 
a second identifier used to identify both a session and a user corresponding to the second 
user; and 

means for generating a first application instance responsive to the first identifier and a 
second application instance responsive to the second identifier. 

66. (Previously Presented) An apparatus for performing user and session management 
over a computer network, comprising: 

a processor; and 

a memory in communication with the processor, the memory for storing a plurality of 
processing instructions for enabling the processor to: 
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receive a first request from a first user, the first request including a first 
identifier used to identify both a session and a user corresponding to the first user; 

receive a second request from a second user, the second request including a 
second identifier used to identify both a session and a user corresponding to the second user; 
and 

generate a first application instance responsive to the first identifier and a 
second application instance responsive to the second identifier. 

67. (Previously Presented) A computer-readable medium encoded with processing 
instructions for implementing a method for performing user and session management over a 
computer network, the method comprising: 

receiving a first request from a first user, the first request including a first identifier 
used to identify both a session and a user corresponding to the first user; 

receiving a second request from a second user, the second request including a second 
identifier used to identify both a session and a user corresponding to the second user; and 

generating a first application instance responsive to the first identifier and a second 
application instance responsive to the second identifier. 

68. (Previously Presented) A method for performing user and session management over a 
computer network, comprising: 

receiving, from a first user, a first request in a first session, the first request including 
a first identifier used to identify both a session and a user; 

transmitting a first application instance to the first user in response to the first request; 

receiving, from the first user, a second request in a second session, the second request 
including the first identifier; 

processing the second request through the first application instance; 

receiving, from a second user, a third request in a third user session, the third request 
including a second identifier used to identify both a session and a user corresponding to the 
second user; and 

transmitting a second application instance to the second user in response to the third 
request. 
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69. (Original) The method of claim 68, wherein the first identifier and the second 
identifier do not include further user and session application variables for use by the first and 
the second application instances. 

70. (Original) The method of claim 68, wherein the first identifier includes a random 
number associated with the first user and the second identifier includes a second random 
number associated with the second user. 

71 . (Original) The method of claim 68, further comprising: 
authenticating an identification of the first and second users; and 

assigning the first identifier to the first user and the second identifier to the second 
user based on said authenticating. 

72. (Original) The method of claim 71, wherein said authenticating comprises: 
transmitting a request for a user name and a password to the first and second 
users; 

receiving the user name and password from the first and the second users; and 
comparing the user name and password to stored parameters. 

73. (Original) The method of claim 68, further comprising: 

receiving a fourth request from the first user, the fourth request including the first 
identifier without any further user and session application variables; and 

processing the request with the first application instance based on stored user and 
session management system variables. 

74. (Original) The method of claim 68, further comprising: 

receiving a fourth request from the second user, the fourth request including the 
second identifier without any further user and session variables; and 

processing the request with the second application instance based on stored user and 
session management system variables. 

75. (Previously Presented) A method for interacting with a central server over a computer 
network, comprising: 

transmitting a first request to a central server, the first request including a user 
identifier; 
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receiving a first application instance in response to the first request; and 
transmitting a second request to the central server, the second request including the 

identifier used to identify both a session and a user without further user or session application 

variables; and 

receiving a response to the second request from the application instance. 

76. (Original) The method of claim 75, wherein the first identifier does not include user 
and session variables for use by the first application instance. 

77. (Previously Presented) A method for interacting with a central server over a computer 
network, comprising: 

transmitting a first request to a central server in a first user session, the first request 
including a user identifier; 

receiving a first application instance in response to the first request; and 

transmitting a second request to the central server in a second user session, the second 
request including the identifier used to identify both a session and a user without further user 
or session application variables; and 

receiving a response to the second request from the application instance. 

78. (Original) The method of claim 77, wherein the first identifier does not include user 
and session variables for use by the application instance. 



